CN114095354A - Electronic device, method for electronic device, computer-readable medium, and apparatus - Google Patents

Electronic device, method for electronic device, computer-readable medium, and apparatus Download PDF

Info

Publication number
CN114095354A
CN114095354A CN202010788811.8A CN202010788811A CN114095354A CN 114095354 A CN114095354 A CN 114095354A CN 202010788811 A CN202010788811 A CN 202010788811A CN 114095354 A CN114095354 A CN 114095354A
Authority
CN
China
Prior art keywords
user
master
devices
determining
configuration information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010788811.8A
Other languages
Chinese (zh)
Inventor
王鑫
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Arris Enterprises LLC
Original Assignee
Arris Enterprises LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Arris Enterprises LLC filed Critical Arris Enterprises LLC
Priority to CN202010788811.8A priority Critical patent/CN114095354A/en
Priority to US17/234,281 priority patent/US20220045901A1/en
Publication of CN114095354A publication Critical patent/CN114095354A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2854Wide area networks, e.g. public data networks
    • H04L12/2856Access arrangements, e.g. Internet access
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/0813Configuration setting characterised by the conditions triggering a change of settings
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/28Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0866Checking the configuration

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Small-Scale Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The present disclosure relates to an electronic device, a method for an electronic device, a computer-readable medium, and an apparatus. An electronic device comprising a memory storing instructions and a processor configured to execute the instructions stored on the memory to cause the electronic device to perform at least: receiving a network configuration information processing request for a network to which the first user equipment is connected from the first user equipment; determining whether a master device having a right to process network configuration information has been set; in response to determining that one or more user devices have been set as master devices: determining whether the first user equipment is a master control device; in response to determining that the first user device is a master device, responding to the network configuration information processing request; and in response to determining that the first user device is not the master device, rejecting the network configuration information processing request; and in response to determining that the master device is not set: responding to the network configuration information processing request.

Description

Electronic device, method for electronic device, computer-readable medium, and apparatus
Technical Field
The present disclosure relates to the field of electronic devices, and more particularly, to electronic devices associated with network access devices capable of providing network connectivity to multiple user devices.
Background
Network access devices, such as routers, provide network connectivity for user devices while also providing the functionality to configure and manage network connectivity. To facilitate use of the network, users are now often allowed to remotely access and set various network configuration information maintained by the router via user devices connected to the router. This presents a certain risk in terms of safety. Although it is usually required to provide an account and a password when logging in a configuration interface of a router, once the account and the password are leaked, an illegal user may change an access password or a configuration information access password of a network, restore a router to factory settings, or modify a parental control policy of the router without permission.
Disclosure of Invention
To address at least some of the above-mentioned deficiencies of current network access devices in use, the present disclosure provides an electronic device, a method for an electronic device, a computer-readable medium, and an apparatus that can further improve the security of network configuration information maintained by a network access device.
According to one aspect of the present disclosure, an electronic device is provided. The electronic device may include a memory having instructions stored thereon; and a processor configured to execute instructions stored on the memory to cause the electronic device to perform at least the following: receiving a network configuration information processing request from a first user equipment for a network to which the first user equipment is connected; determining whether one or more user devices have been set as a master device having a right to process network configuration information; in response to determining that the one or more user devices have been set as master devices: determining whether the first user device is one of the master devices; responsive to determining that the first user device is one of the master devices, responding to the network configuration information processing request; and in response to determining that the first user device is not one of the master devices, rejecting the network configuration information processing request; and in response to determining that no user device is set as the master device: responding to the network configuration information processing request.
In some embodiments, the processor is further configured to execute instructions stored on the memory to cause the electronic device to perform at least the following: determining whether a master device setup request is received from a second user device; in response to determining that no user device is set as a master device and that the master device setup request is not received: responding to the network configuration information processing request; and in response to determining that no user device is set as a master device, and determining that the master device setup request is received: and preferentially processing the main control equipment setting request compared with the network configuration information processing request.
In some embodiments, the processor is further configured to execute instructions stored on the memory to cause the electronic device to perform at least the following: receiving a main control equipment setting request from second user equipment; and in response to determining that the one or more user devices have been set as master devices: determining whether the second user equipment is one of the master control devices; responsive to determining that the second user device is one of the master devices, responding to the master device setup request; and in response to determining that the second user device is not one of the master devices, denying the master device setup request.
In some embodiments, the processor is further configured to execute instructions stored on the memory to cause the electronic device to perform at least the following: in response to determining that no user device is set as the master device: determining whether the second user equipment has the authority to set the main control equipment; in response to determining that the second user device has permission to set a master device, responding to the master device setup request; and in response to determining that the second user device does not have the right to set the master device, denying the master device setup request.
In some embodiments, the processor is further configured to execute instructions stored on the memory to cause the electronic device to perform at least the following: in response to determining that no user device is set as the master device: responding to the master device setup request.
In some embodiments, responding to the master device setup request comprises: adding one or more user devices indicated in the main control device setting request as additional main control devices; or revoking one or more user devices which are indicated in the main control device setting request and already serve as the main control devices; or replacing the original main control equipment by one or more user equipment indicated in the main control equipment setting request.
In some embodiments, the processor is further configured to execute instructions stored on the memory to cause the electronic device to perform at least the following: setting respective priorities of a plurality of user equipments in case of setting the plurality of user equipments as a master control equipment.
In some embodiments, the processor is further configured to execute instructions stored on the memory to cause the electronic device to perform at least the following: the request for modifying network configuration information from a user equipment with a lower priority is allowed to be overwritten by a request for modifying network configuration information from a user equipment with a higher priority of the plurality of user equipments.
In some embodiments, the network configuration information processing request comprises a request for at least one of: accessing network configuration information; modifying the network configuration information and restoring the network configuration information to a default value.
According to another aspect of the present disclosure, a method for an electronic device is provided. The method may include the operations performed by the electronic device described above according to embodiments of the present disclosure.
According to yet another aspect of the present disclosure, there is provided a non-transitory computer-readable medium having instructions stored thereon, which, when executed by a processor of an electronic device, cause the electronic device to perform the above-described method according to embodiments of the present disclosure.
According to yet another aspect of the present disclosure, there is provided an apparatus comprising means for performing the above-described method for an electronic device according to embodiments of the present disclosure.
Drawings
For a better understanding of the present disclosure, and to show how the same may be carried into effect, reference will now be made, by way of example, to the accompanying drawings, in which:
fig. 1 illustrates a schematic diagram of an example network environment including a network access device, in accordance with embodiments of the present disclosure;
fig. 2 illustrates a block diagram of an electronic device for implementing a network access device in accordance with an embodiment of the disclosure;
fig. 3 shows an exemplary flow diagram of a method for an electronic device according to an embodiment of the present disclosure;
fig. 4 shows an exemplary flowchart of a method for an electronic device according to another embodiment of the present disclosure;
fig. 5 illustrates an exemplary flowchart of a method for an electronic device to process a master device setup request according to an embodiment of the present disclosure.
Note that like reference numerals refer to corresponding parts throughout the drawings.
Detailed Description
The following detailed description is made with reference to the accompanying drawings and is provided to assist in a comprehensive understanding of various exemplary embodiments of the disclosure. The following description includes various details to aid understanding, but these details are to be regarded as examples only and are not intended to limit the disclosure, which is defined by the appended claims and their equivalents. The words and phrases used in the following description are used only to provide a clear and consistent understanding of the disclosure. In addition, descriptions of well-known structures, functions, and configurations may be omitted for clarity and conciseness. Those of ordinary skill in the art will recognize that various changes and modifications of the examples described herein can be made without departing from the spirit and scope of the disclosure.
Fig. 1 is a schematic diagram illustrating an example network environment 100 including a network access device in accordance with an embodiment of the disclosure.
The example network environment 100 may include a network access device 110 and one or more user devices 120A, 120B, 120C (hereinafter collectively referred to as user devices 120 for simplicity). The network access device 110 is used to provide network connectivity for the user equipment 120. In particular, the network access device 110 may receive/route various types of communications from the user device 120 and/or transmit/route various types of communications to the user device 120. In some embodiments, the Network access device 110 provides only an internal Network 130 (e.g., a wired or wireless Local Area Network (LAN)) connection for the user device 120. All user devices 120 connected to the network access device 110 are within the same internal network and can communicate directly with each other. In a further embodiment, the network access device 110 is also connected to an external network 140, such that the user device 120 may access the external network 140 via it. The network access device 110 may be, for example, a hardware electronic device that combines the functionality of a Network Access Server (NAS), a router, a layer 2/3 switch, an access point, and the like. Network access device 110 may also include, but is not limited to, the functionality of an IP/QAM Set Top Box (STB) or Smart Media Device (SMD) capable of decoding audio/video content and playing content provided by an "over the internet (OTT)" media service or a Multiple System Operator (MSO).
In some embodiments, the user device 120 may be any electronic device having at least one network interface. For example, the user device 120 may be: a desktop computer, a laptop computer, a server, a mainframe computer, a cloud-based computer, a tablet computer, a smartphone, a smartwatch, a wearable device, a consumer electronic device, a portable computing device, a radio node, a router, a switch, a repeater, an access point, and/or other electronic devices. As will be described in more detail below in conjunction with fig. 2, the user device 120 utilizes its network interface to communicate with a physical or virtual network interface of the network access device 110 to access the internal network 130 via the network access device 110. Multiple user devices 120A, 120B, 120C may be connected to the same or different network interfaces of the network access device 110. Although three user devices are shown in fig. 1, it should be understood that the number of user devices to which the network access device can connect may be less than or more than three, depending on the number of specific physical interfaces and/or network capacity supported by the network access device.
External Network 140 may include various types of wired or wireless networks, internal networks, or public networks, such as other Local Area Networks (LANs) or Wide Area Networks (WANs) (e.g., the Internet). Note that the present disclosure does not specifically limit the type of external network 140.
In some embodiments, network environment 100 may also include a network configuration server 112. The network configuration server 112 may maintain network configuration information associated with the internal network 130 provided by the network access device 110 to the user device 120. For example, as a non-limiting example, the network configuration server 112 may store an access password and a configuration information access password for the internal network 130. In the specific example where the network access device 110 is a router that provides parental control functionality, the network configuration server 112 may also store parental control policy information, such as information associated with devices to which access is restricted, times to which access is restricted, or websites to which access is restricted. The network configuration server 112 may also provide an interface for users to process network configuration information. For example, a user may access the network configuration server 112 via the user device 120 and access or modify the network configuration information through an interface provided by the network configuration server 112, or restore the network access device 110 to factory settings to reset the network configuration information.
In some embodiments, the network configuration server 112 may be external to the network access device 110 and communicatively coupled with the network access device 110 for the exchange of data and control signaling. In other embodiments, network configuration server 112 may be integrated within network access device 110.
Fig. 2 illustrates an exemplary configuration block diagram of an electronic device 200 according to an embodiment of the present disclosure. Electronic device 200 may be used to implement network access device 110 in fig. 1.
As shown in fig. 2, the electronic device 200 includes a user interface 20, a network interface 21, a power supply 22, an external network interface 23, a memory 24, and a processor 26. The user interface 20 may include, but is not limited to, buttons, a keyboard, a keypad, an LCD, a CRT, TFTs, LEDs, HD, or other similar display devices, including display devices having touch screen capabilities to enable interaction between a user and an electronic device. In some embodiments, the user interface 20 may be used to present a Graphical User Interface (GUI) to receive user input.
The network interface 21 may include various network cards and circuitry implemented in software and/or hardware to enable communication with user devices using wired or wireless protocols. The wired communication protocol is, for example, any one or more of an ethernet protocol, a multimedia over coax (MoCA) specification protocol, a USB protocol, or other wired communication protocol. The wireless protocol is, for example, any IEEE802.11wi-Fi protocol, Bluetooth Low Energy (BLE) or other short range protocol operating according to a wireless technology standard for exchanging data over short distances using any licensed or unlicensed frequency band, such as the national broadband radio service (CBRS) frequency band, the 2.4GHz frequency band, the 5GHz frequency band, the 6GHz frequency band or the 60GHz frequency band, such as the RF4CE protocol, the ZigBee protocol, the Z-Wave protocol or the IEEE 802.15.4 protocol. Where the network interface 21 uses a wireless protocol, in some embodiments, the network interface 21 may also include one or more antennas (not shown) or circuit nodes for coupling to one or more antennas. The electronic device 200 may provide an internal network (e.g., the internal network 130 of fig. 1) to the user device through the network interface 21.
The power supply 22 provides power to the internal components of the electronic device 200 via the internal bus 27. The power source 22 may be a self-contained power source, such as a battery pack, whose interface is powered by a charger connected to an outlet (e.g., directly or through other equipment). The power source 22 may also include a rechargeable battery, such as a NiCd, NiMH, Li-ion or Li-pol battery, which may be removable for replacement. The external network interface 23 may include various network cards and circuitry implemented in software and/or hardware executed on hardware to enable communication between the electronic device 200 and a provider of an external network (e.g., the external network 140 in FIG. 1), such as an Internet service provider or MSO.
Memory 24 comprises a single memory or one or more memories or storage locations including, but not limited to, Random Access Memory (RAM), Dynamic Random Access Memory (DRAM), Static Random Access Memory (SRAM), Read Only Memory (ROM), Erasable Programmable Read Only Memory (EPROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory, logic blocks of an FPGA, a hard disk, or any other layers of a memory hierarchy. The memory 24 may be used to store any type of instructions, software, or algorithms, including software 25 for controlling the general functions and operations of the electronic device 200.
The processor 26 controls the general operation of the electronic device 200 and performs management functions related to other devices in the network, such as user equipment. The processor 26 may include, but is not limited to, a CPU, hardware microprocessor, hardware processor, multi-core processor, single-core processor, microcontroller, Application Specific Integrated Circuit (ASIC), DSP, or other similar processing device capable of executing any type of instructions, algorithms, or software for controlling the operation and function of the electronic device 200 according to embodiments described in this disclosure. The processor 26 may be various implementations of digital circuitry, analog circuitry, or mixed-signal (a combination of analog and digital) circuitry that performs functions in a computing system. The processor 26 may include, for example, a system such as an Integrated Circuit (IC), a portion or circuit of an individual processor core, an entire processor core, an individual processor, a programmable hardware device such as a Field Programmable Gate Array (FPGA), and/or a plurality of processors.
The internal bus 27 may be used to establish communication between components (e.g., 20-22, 24, and 26) of the electronic device 200.
Although electronic device 200 is described using specific components, in alternative embodiments, different components may be present in electronic device 200. For example, the electronic device 200 may include one or more additional processors, memories, network interfaces, external network interfaces, and/or user interfaces. Additionally, one or more of the components may not be present in the electronic device 200. Further, in some embodiments, electronic device 200 may include one or more components not shown in fig. 2. Additionally, although separate components are shown in fig. 2, in some embodiments some or all of a given component may be integrated into one or more of the other components in electronic device 200. Further, any combination of analog and/or digital circuits may be used to implement the circuits and components in the electronic device 200.
Fig. 3 shows a flow diagram of a method 300 for an electronic device, in accordance with an embodiment of the present disclosure. The method 300 may be used, for example, with the network access device 110 shown in fig. 1 or the electronic device 200 shown in fig. 2. An electronic device and a method for the electronic device according to an embodiment of the present disclosure will be described in detail below with reference to fig. 1 to 3.
As shown in fig. 3, in step S302, the processor 26 of the electronic device 200 receives a network configuration information processing request for a network to which the first user device is connected from the first user device.
As previously described, the electronic device 200 may provide a network (e.g., the internal network 130 of fig. 1) to the first user device via the network interface 21 and accordingly receive a network configuration information processing request from the first user device. The first user device may be, for example, user device 120 in fig. 1, where "first" is merely for ease of description and distinction and is not intended to emphasize order.
In some embodiments, the first user device may issue the network configuration information processing request by accessing a network configuration server (e.g., network configuration server 112 in fig. 1) via a network. Access to the network configuration server may be via the electronic device 200, whether the network configuration server is internal or external to the electronic device 200. For example, the first user device may access a network configuration server (e.g., network configuration server 112 in fig. 1) to issue the network configuration information processing request through any one of a Web-based Graphical User Interface (GUI), an application program (APP), a Simple Network Management Protocol (SNMP), or a user terminal device wide area network management protocol (TR 069). In one specific example where the electronic device 200 is a router, for example, the user of the first user device may enter "192.168.0.1" in his browser to access a router configuration web page provided by the network configuration server after the first user device connects to the router, and the router may receive the access request.
In some embodiments, the network configuration information processing request may include a request for at least one of: accessing network configuration information, modifying the network configuration information, and restoring the network configuration information to a default value. The network configuration information may be any configuration information associated with an internal or external network connection provided by the electronic device 200 to the user device. As non-limiting examples, the network configuration information may include a network access password, an access password for the network configuration information, or setting information for other network functions, such as parental control, port forwarding, quarantine zone (DMZ). Restoring the network configuration information to the default value may include restoring the electronic device 200 to factory settings.
In some embodiments, the processor 26 may authenticate the user using the first user device prior to or concurrently with step S302. For example, the user may be required to provide an account and/or password via the first user device, match the account and/or password with a reference account and/or password, and successfully authenticate the user as a legitimate user when the two match. The processor 26 may perform step S302 or further step S304 only after the authentication is successful.
In step S304, the processor 26 determines whether one or more user devices have been set as master devices, wherein the master devices may have authority to process the network configuration information.
How the user device is set as the master device and whether the user device can be set as the master device will be described in detail later with reference to fig. 5. In general, the master device may be set by default at internal network initialization or may be set by a master device setup request. The master device setup request may indicate the user device that initiated the request and the user device to be set as the master device. In some embodiments, the initiating user device is verified whether it is the master device or whether it has other authorizations to set up the master device. In some further embodiments, the qualification of the user device to be set as the master device is also verified. This means that, in a strict situation, a user device can only be set as a master device if it is set by an authorized user device and it also qualifies itself as a master device. However, it should also be appreciated that such double verification is not always necessary, and sometimes a single verification may be sufficient, as shown in FIG. 5.
In some embodiments, step S304 includes the processor 26 first confirming whether the master device mode is enabled. The user can enable/disable the master device mode in any way of GUI, APP, SNMP or TR069 based Web. If the mode is enabled, then it is determined whether the master device has been set. Otherwise, if the mode is disabled, the process goes directly to step S308.
In some embodiments, information, such as a user device unique identifier, for one or more user devices to be used as master devices may be stored in memory 24 of electronic device 200 or an associated network configuration server. In other embodiments, the processor 26 may mark one or more user devices in the list of user devices connected to the electronic device 200 as master devices in response to a user selection of the one or more user devices and record their respective unique identifiers. The unique identifier of the user equipment may be, for example, a Media Access Control (MAC) address of the user equipment.
In some embodiments, the processing that the master device has the authority to process the network configuration information may include those processes requested in the foregoing network configuration information processing request, which is not described herein again.
In response to determining in step S304 that the one or more user devices have been set as master devices, the processor 26 further determines in step S306 whether the first user device is one of the master devices.
In some embodiments, the network configuration information processing request from the first user equipment comprises a unique identifier of the first user equipment. The processor 26 can compare the unique identifier of the first user device to the unique identifiers of the one or more user devices acting as master devices stored in the memory 24 or associated network configuration server of the electronic device 200 to determine whether the first user device is a master device.
In response to determining in step S306 that the first user device is one of the master devices, in step S308, the processor 26 may respond to the network configuration information processing request received in step S302. In some embodiments, responding to the network configuration information processing request may include performing the requested processing of the network configuration information. In further embodiments, processor 26 may accordingly perform at least one of the following in accordance with the network configuration information processing request: the method includes sending network configuration information to the first user equipment, modifying the network configuration information, and restoring the network configuration information to a default value.
In response to determining in step S306 that the first user device is not one of the master devices, the processor 26 may deny the network configuration information processing request in step S310. In some embodiments, denying the network configuration information processing request may include denying performance of the requested processing of the network configuration information. In further embodiments, processor 26 may accordingly deny execution of at least one of the following in accordance with the network configuration information processing request: the method includes sending network configuration information to the first user equipment, modifying the network configuration information, and restoring the network configuration information to a default value.
In some embodiments, where multiple user devices are set as master devices, the processor 26 may also set respective priorities for the multiple user devices. And under the condition that the network configuration information processing requests from the plurality of main control devices conflict, preferentially ensuring that the network configuration information processing requests of the main control devices with higher priority are executed. For example, the processor 26 may be configured to permit overwriting of requests to modify network configuration information from lower priority user devices with requests to modify network configuration information from higher priority master devices, and to deny overwriting of requests to modify network configuration information from higher priority master devices with requests to modify network configuration information from lower priority user devices. To accomplish this, the processor 26 may store a processing log of the network configuration information, including a unique identifier and priority information of the master device requesting processing, in an internal memory of the electronic device 200 or a network configuration server. In this way, upon receiving a request from a master device to perform processing on network configuration information, the processor 26 may determine whether the priority of the master device is not lower than the priority of another master device that previously performed processing on the same network configuration information, and if not, perform the network configuration information processing request (step S308), and if not, reject the network configuration information processing request (step S310).
It should be appreciated that while a sequence of execution of the steps is shown in fig. 3, in other embodiments according to the present disclosure, any other sequence of execution (including simultaneously) may be employed. For example, step S302 may be performed after step S304, i.e., on a path of which the determination result of step S304 is yes and/or on a path of which the determination result of step S304 is no. For another example, step S304 and step S306 may be performed simultaneously.
The method 300 according to the embodiment of the present disclosure enables the electronic device to distinguish the user devices, and only allows the authorized user devices to process the network configuration information, thereby improving the security of the network configuration information. In addition, the method 300 also allows any user equipment to process the network configuration information without setting a master control device, thereby realizing compatibility with the conventional network control mode.
Next, an exemplary flowchart of a method 400 for an electronic device according to another embodiment of the present disclosure is described with reference to fig. 4. The method 400 may be used, for example, with the network access device 110 shown in fig. 1 or the electronic device 200 shown in fig. 2. In the method 400, steps S302, S304 to S310 are the same as the method 300 described with reference to fig. 3, so the same reference numerals are attached and the description is omitted. Hereinafter, only the steps S402 and S404 different from the method 300 in fig. 3 will be described.
Unlike the step S308 performed when the determination result of the step S304 is "no" in fig. 3, as shown in fig. 4, in some embodiments, when the determination result of the step S304 is "no", it may be determined whether a master device setting request from the second user device is received in the step S402.
Like the first user device, the second user device may be any user device connected to the electronic device 200 (e.g., user device 120 in fig. 1). "second" is merely for convenience of description and distinction and is not intended to emphasize order. In some embodiments, the second user device may be a different user device that is connected to the electronic device 200 at the same time as the first user device. In other embodiments, the second user device may be the same user device as the first user device.
In some embodiments, the master device setup request may request a request to add one or more user device settings as a master device. In some embodiments, the master device setup request may request that one or more user devices that have been set as master devices be revoked as non-master devices. In some embodiments, the master device setup request may request that one or more of the user devices that have been set as master devices be replaced with another one or more user devices. The master device setup request may include a unique identifier of one or more user devices that are set or revoked. The one or more user devices for which the master device setup request is directed may or may not include the second user device.
In some embodiments, the second user device may issue a master device setup request to the electronic device 200 by accessing a network configuration server (e.g., network configuration server 112 in fig. 1) via a network. For example, the second user device may issue the master device setup request in any of a Web-based GUI, APP, SNMP, or TR 069.
In response to receiving the master device setting request from the second user device in step S402, the master device setting request is preferentially processed in step S404.
"priority processing" means that the master device is given higher priority to the setting request relative to the network configuration information processing request. In some embodiments, prioritizing the master device setup request may include suspending processing of the network configuration information processing request. For example, step S304 may be performed after the master device setup request is processed. In other embodiments, the network configuration information processing request may be directly rejected, i.e., step S310 is performed.
The specific steps of processing the master device setting request will be described later with reference to fig. 5.
In some embodiments, the processor 26 may authenticate the user using the second user device before or at the same time as step S402. For example, the user may be required to provide an account and/or password via the second user device, match the account and/or password with a reference account and/or password, and successfully authenticate the user as a legitimate user when the two match. The processor 26 may perform step S402 or further follow-up only after the authentication is successful.
In some embodiments, in response to not receiving a master device setup request from the second user device in step S402, the method 400 may proceed to step S308. The specific processing of this step can refer to the description of fig. 3, and is not described herein again.
Although the order in which the steps are performed is shown in fig. 4, in other embodiments according to the present disclosure, any other order of execution (including simultaneously) may be employed.
For example, steps S402 and S404 may be performed between step S302 and step S304, such that step S304 is performed when the determination result of step S402 is "no", and the manner of performing steps S304-S310 is completely consistent with fig. 3.
For another example, step S402 and step S404 may be performed after step S308. In this case, the second user equipment may be the same user equipment as the first user equipment. The user equipment may first request access to network configuration information including a list of all user equipments connected to the electronic device 200 at step S302. If no master device is set at this time, the method 400 proceeds to step S308, whereby the user device can obtain a list of all user devices connected to the electronic device 200. Then, the user device selects one or more user devices connected to the electronic device 200 to be set as a master device, and transmits such a master device setting request to the electronic device 200. The electronic device 200 will process the master device setup request according to step S404.
The method 400 according to the embodiment of the present disclosure enables the electronic device to guarantee that the master control device is set preferentially, thereby preventing the user device from illegally processing the network configuration information when the master control device is not set yet.
Next, an exemplary flowchart of a method 500 for processing a master device setup request according to an embodiment of the present disclosure is described with reference to fig. 5. The method 500 may be used, for example, with the network access device 110 shown in fig. 1 or the electronic device 200 shown in fig. 2. The method 500 may be performed in conjunction with the method described with reference to fig. 3 or the method 400 described with reference to fig. 4, or may be performed separately. For example, the method 500 may be performed after step S404 of the method 400 (including step S404 after the method 400 adjusts the order of execution of the steps) as a specific procedure of processing the master device setting request. In the method 500, step S304 is the same as the method 300 described with reference to fig. 3 and the method 400 described with reference to fig. 4, so the same reference numerals are attached and the description is omitted. Hereinafter, only differences from the method 300 in fig. 3 and the method 400 in fig. 4 will be described.
As shown in fig. 5, in some embodiments, the processor 26 may receive a master device setup request from the second user device in step S502. This step may be described with reference to the portion of fig. 4 directed to step S402 and step S404.
In some embodiments, in step S504, the processor 26 may determine whether the second user device is the master device in response to determining that one or more user devices have been set as the master device. This step may be as described with reference to step S306 in fig. 3 and 4, except that the object targeted in step S306 is a first user equipment, and that targeted in step S504 is a second user equipment.
In some embodiments, in step S506, the processor 26 may respond to the master device setup request in response to determining that the second user device is the master device. In some embodiments, responding to the master device setup request may include performing corresponding master device setup according to the master device setup request. In further embodiments, the processor 26 may accordingly perform at least one of the following in accordance with the master device setup request: adding one or more master devices, revoking one or more master devices, or replacing one or more original master devices with one or more user devices. In other embodiments, responding to the master device setting request may include first checking whether a user device indicated as to be set as the master device in the master device setting request is qualified to be set as the master device, and setting only the qualified user device as the master device according to the master device setting request. For example, in a case where the electronic device 200 provides a parental control function, a user device to be set as a master device may have been listed as a device restricted from partial or full network access by setting network configuration information. In this case, if the user device is still allowed to be set as the master device, it will have an opportunity to modify the parental control policy, which is disadvantageous. Advantageously, therefore, such user devices are marked as not eligible to be set as master devices. In further embodiments, the processor 26 may store the unique identifier of the user device with or without qualification as a master device in the memory 24 or network configuration server internal to the electronic device 200. Thus, the processor 26 may compare the identifier of the user device to be set as the master device included in the master device setup request with the stored unique identifier of the user device with or without qualification to be set as the master device to determine whether the user device qualifies to be set as the master device.
In some embodiments, in step S506, the processor 26 may further determine whether there is a limit on the number of allowed master devices, and in the case that there is a limit on the number of master devices, make an appropriate adjustment to the response of the master device setting request, or feed back information of the limit on the number of master devices to the second user device. For example, if the number of allowed master devices is limited to one and only one, the processor 26 will only allow the second user device to hand over its own master device identity to other user devices, and not allow the addition of a new master device or simply revoke its own master device identity.
In some embodiments, in step S508, the processor 26 may deny the master device setup request in response to determining that the second user device is not the master device. In some embodiments, denying the master device setup request may include denying execution of the requested master device setup.
In some embodiments, upon determining in step S304 that the master device is not set, the processor 26 may perform step S506 of processing a master device setting request from the second user device.
In other embodiments, upon determining in step S304 that the master device is not set, the processor 26 may perform step S510 of further determining whether the second user device has the right to set the master device.
In some cases, the second user device may not have the right to set the master device. For example, in a case where the electronic device 200 provides a parental control function, the second user device may have been listed as a device restricted to partial or full network access by setting the network configuration information. In this case, if the second user device is still allowed to set the master device, it may set itself as the master device, thereby obtaining the right to modify the parental control policy. Advantageously, therefore, such a second user device will be marked as not having the right to set the master device.
In some embodiments, the processor 26 may store the unique identifier of the user device with or without the set master device authority in the memory 24 or a network configuration server internal to the electronic device 200. Thus, the processor 26 may compare the identifier of the second user device included in the master device setup request with the stored unique identifier of the user device with or without the authority to set up the master device to determine whether the second user device has the authority to set up the master device.
In some embodiments, upon determining in step S510 that the second user device has the authority to set the master device, the processor 26 may perform step S506 of processing a master device setting request from the second user device.
In some embodiments, upon determining in step S510 that the second user device does not have the authority to set the master device, the processor 26 may perform step S508 of rejecting the master device setting request from the second user device.
Although a sequence of execution of the steps is shown in fig. 5, in other embodiments according to the present disclosure, any other sequence of execution (including simultaneously) may be employed.
The method 500 according to the embodiment of the present disclosure provides a security mechanism for setting up the master device, thereby enriching the applicability of the method 300 or the method 400 for guaranteeing the security of the network configuration information based on the master device.
The present disclosure may be implemented as any combination of apparatus, systems, integrated circuits, and computer programs on non-transitory computer readable media. One or more controllers may be implemented as an Integrated Circuit (IC), an Application Specific Integrated Circuit (ASIC), or a large scale integrated circuit (LSI), a system LSI, a super LSI, or an ultra LSI package that performs some or all of the functions described in this disclosure.
The present disclosure includes the use of software, applications, computer programs or algorithms. Software, applications, computer programs, or algorithms may be stored on a non-transitory computer readable medium to cause a computer, such as one or more processors, to perform the steps described above and depicted in the figures. For example, the one or more memories store software or algorithms in executable instructions and the one or more processors may be associated with a set of instructions that execute the software or algorithms to provide network configuration information management functionality of the network access device according to embodiments described in this disclosure.
Software and computer programs (which may also be referred to as programs, software applications, components, or code) include machine instructions for a programmable processor, and may be implemented in a high-level procedural, object-oriented, functional, logical, or assembly or machine language. The term "computer-readable medium" refers to any computer program product, apparatus or device, such as magnetic disks, optical disks, solid state storage devices, memories, and Programmable Logic Devices (PLDs), used to provide machine instructions or data to a programmable data processor, including a computer-readable medium that receives machine instructions as a computer-readable signal.
By way of example, computer-readable media can comprise Dynamic Random Access Memory (DRAM), Random Access Memory (RAM), Read Only Memory (ROM), electrically erasable read only memory (EEPROM), compact disk read only memory (CD-ROM) or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to carry or store desired computer-readable program code in the form of instructions or data structures and which can be accessed by a general-purpose or special-purpose computer or a general-purpose or special-purpose processor. Disk or disc, as used herein, includes Compact Disc (CD), laser disc, optical disc, Digital Versatile Disc (DVD), floppy disk and blu-ray disc where disks usually reproduce data magnetically, while discs reproduce data optically with lasers. Combinations of the above are also included within the scope of computer-readable media.
Additionally, the above description provides examples, and does not limit the scope, applicability, or configuration set forth in the claims. Changes may be made in the function and arrangement of elements discussed without departing from the spirit and scope of the disclosure. Various embodiments may omit, substitute, or add various procedures or components as appropriate. For example, features described with respect to certain embodiments may be combined in other embodiments.

Claims (21)

1. An electronic device, comprising:
a memory having instructions stored thereon; and
a processor configured to execute instructions stored on the memory to cause the electronic device to perform at least the following:
receiving a network configuration information processing request from a first user equipment for a network to which the first user equipment is connected;
determining whether one or more user devices have been set as a master device having a right to process network configuration information;
in response to determining that the one or more user devices have been set as master devices:
determining whether the first user device is one of the master devices;
responsive to determining that the first user device is one of the master devices, responding to the network configuration information processing request; and
rejecting the network configuration information processing request in response to determining that the first user device is not one of the master devices; and
in response to determining that no user device is set as the master device:
responding to the network configuration information processing request.
2. The electronic device of claim 1, wherein the processor is further configured to execute instructions stored on the memory to cause the electronic device to perform at least the following:
determining whether a master device setup request is received from a second user device;
in response to determining that no user device is set as a master device and that the master device setup request is not received:
responding to the network configuration information processing request; and
in response to determining that no user device is set as a master device and that the master device setup request is received:
and preferentially processing the main control equipment setting request compared with the network configuration information processing request.
3. The electronic device of any of claims 1-2, wherein the processor is further configured to execute instructions stored on the memory to cause the electronic device to perform at least the following:
receiving a main control equipment setting request from second user equipment; and
in response to determining that the one or more user devices have been set as master devices:
determining whether the second user equipment is one of the master control devices;
responsive to determining that the second user device is one of the master devices, responding to the master device setup request; and
denying the master device setup request in response to determining that the second user device is not one of the master devices.
4. The electronic device of claim 3, wherein the processor is further configured to execute instructions stored on the memory to cause the electronic device to perform at least the following:
in response to determining that no user device is set as the master device:
determining whether the second user equipment has the authority to set the main control equipment;
in response to determining that the second user device has permission to set a master device, responding to the master device setup request; and
denying the master device setup request in response to determining that the second user device does not have the right to setup the master device.
5. The electronic device of claim 3, wherein the processor is further configured to execute instructions stored on the memory to cause the electronic device to perform at least the following:
in response to determining that no user device is set as the master device:
responding to the master device setup request.
6. The electronic device of claim 3, wherein responding to the master device setup request comprises:
adding one or more user devices indicated in the main control device setting request as additional main control devices; or
Revoking one or more user devices which have been used as the master device and are indicated in the master device setting request; or
And replacing the original main control equipment by one or more user equipment indicated in the main control equipment setting request.
7. The electronic device of claim 1, wherein the processor is further configured to execute instructions stored on the memory to cause the electronic device to perform at least the following:
setting respective priorities of a plurality of user equipments in case of setting the plurality of user equipments as a master control equipment.
8. The electronic device of claim 7, wherein the processor is further configured to execute instructions stored on the memory to cause the electronic device to perform at least the following:
the request for modifying network configuration information from a user equipment with a lower priority is allowed to be overwritten by a request for modifying network configuration information from a user equipment with a higher priority of the plurality of user equipments.
9. The electronic device of claim 1, wherein the network configuration information processing request comprises a request for at least one of:
accessing network configuration information;
modifying the network configuration information; and
and restoring the network configuration information to a default value.
10. A method for an electronic device, comprising:
receiving a network configuration information processing request from a first user equipment for a network to which the first user equipment is connected;
determining whether one or more user devices have been set as a master device having a right to process network configuration information;
in response to determining that the one or more user devices have been set as master devices:
determining whether the first user equipment is one of the master control devices;
responsive to determining that the first user device is one of the master devices, responding to the network configuration information processing request; and
rejecting the network configuration information processing request in response to determining that the first user device is not one of the master devices; and
in response to determining that no user device is set as the master device:
responding to the network configuration information processing request.
11. The method of claim 10, further comprising:
determining whether a master device setup request is received from a second user device;
in response to determining that no user device is set as a master device and that the master device setup request is not received:
responding to the network configuration information processing request; and
in response to determining that no user device is set as a master device and that the master device setup request is received:
and preferentially processing the main control equipment setting request compared with the network configuration information processing request.
12. The method of claim 10 or 11, further comprising:
receiving a main control equipment setting request from second user equipment; and
in response to determining that the one or more user devices have been set as master devices:
determining whether the second user equipment is one of the master control devices;
responsive to determining that the second user device is one of the master devices, responding to the master device setup request; and
denying the master device setup request in response to determining that the second user device is not one of the master devices.
13. The method of claim 12, further comprising:
in response to determining that no user device is set as the master device:
determining whether the second user equipment has the authority to set the main control equipment;
in response to determining that the second user device has permission to set a master device, responding to the master device setup request; and
denying the master device setup request in response to determining that the second user device does not have the right to setup the master device.
14. The method of claim 12, wherein responding to the master device setup request comprises:
adding one or more user devices indicated in the main control device setting request as additional main control devices; or
Revoking one or more user devices which have been used as the master device and are indicated in the master device setting request; or
And replacing the original main control equipment by one or more user equipment indicated in the main control equipment setting request.
15. The method of claim 10, further comprising:
setting respective priorities of a plurality of user equipments in case of setting the plurality of user equipments as a master control equipment.
16. A non-transitory computer-readable medium having instructions stored thereon, which, when executed by a processor of an electronic device, cause the electronic device to perform at least the following:
receiving a network configuration information processing request from a first user equipment for a network to which the first user equipment is connected;
determining whether one or more user devices have been set as a master device having a right to process network configuration information;
in response to determining that the one or more user devices have been set as master devices:
determining whether the first user equipment is one of the master control devices;
responsive to determining that the first user device is one of the master devices, responding to the network configuration information processing request; and
rejecting the network configuration information processing request in response to determining that the first user device is not one of the master devices; and
in response to determining that no user device is set as the master device:
responding to the network configuration information processing request.
17. The non-transitory computer-readable medium of claim 16, further having instructions stored thereon, which, when executed by the processor, cause the electronic device to perform at least the following:
determining whether a master device setup request is received from a second user device;
in response to determining that no user device is set as a master device and that the master device setup request is not received:
responding to the network configuration information processing request; and
in response to determining that no user device is set as a master device and that the master device setup request is received:
and preferentially processing the main control equipment setting request compared with the network configuration information processing request.
18. The non-transitory computer-readable medium of claim 16 or 17, further having instructions stored thereon, which, when executed by the processor, cause the electronic device to perform at least the following:
receiving a main control equipment setting request from second user equipment;
in response to determining that the one or more user devices have been set as master devices:
determining whether the second user equipment is one of the master control devices;
responsive to determining that the second user device is one of the master devices, responding to the master device setup request; and
denying the master device setup request in response to determining that the second user device is not one of the master devices.
19. The non-transitory computer-readable medium of claim 18, wherein responding to the master device setup request comprises:
adding one or more user devices indicated in the main control device setting request as additional main control devices; or
Revoking one or more user devices which have been used as the master device and are indicated in the master device setting request; or
And replacing the original main control equipment by one or more user equipment indicated in the main control equipment setting request.
20. The non-transitory computer-readable medium of claim 16, further having instructions stored thereon, which, when executed by the processor, cause the electronic device to perform at least the following:
setting respective priorities of a plurality of user equipments in case of setting the plurality of user equipments as a master control equipment.
21. An apparatus comprising means for performing the method of any of claims 10-15.
CN202010788811.8A 2020-08-07 2020-08-07 Electronic device, method for electronic device, computer-readable medium, and apparatus Pending CN114095354A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202010788811.8A CN114095354A (en) 2020-08-07 2020-08-07 Electronic device, method for electronic device, computer-readable medium, and apparatus
US17/234,281 US20220045901A1 (en) 2020-08-07 2021-04-19 Electronic device, method for electronic device, computer readable medium, and apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010788811.8A CN114095354A (en) 2020-08-07 2020-08-07 Electronic device, method for electronic device, computer-readable medium, and apparatus

Publications (1)

Publication Number Publication Date
CN114095354A true CN114095354A (en) 2022-02-25

Family

ID=80114058

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010788811.8A Pending CN114095354A (en) 2020-08-07 2020-08-07 Electronic device, method for electronic device, computer-readable medium, and apparatus

Country Status (2)

Country Link
US (1) US20220045901A1 (en)
CN (1) CN114095354A (en)

Family Cites Families (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1500244B1 (en) * 2001-05-01 2013-04-03 Meta4hand Inc. Wireless network computing
US20080155126A1 (en) * 2006-12-22 2008-06-26 Texas Instruments, Inc. Auto-Configuration Of Daisy-Chained Devices
US20100114826A1 (en) * 2008-10-24 2010-05-06 Microsoft Corporation Configuration management in distributed data systems
US9088491B2 (en) * 2012-03-07 2015-07-21 Citrix Systems, Inc. Systems and methods for comparing configuration files and generating corrective commands
US8850068B2 (en) * 2012-05-03 2014-09-30 Futurewei Technologies, Inc. United router farm setup
KR102012248B1 (en) * 2013-03-27 2019-08-22 한국전자통신연구원 Apparatus and method for managing synchronization group in wireless communication system
CN105357123B (en) * 2015-11-30 2018-04-06 上海斐讯数据通信技术有限公司 Right management method, system and the router of router
US20170284818A1 (en) * 2016-03-31 2017-10-05 International Business Machines Corporation Sharing route information within a group of travelers
US10523716B1 (en) * 2016-09-23 2019-12-31 Amazon Technologies Inc. Immutable accounts
US10382258B2 (en) * 2017-05-11 2019-08-13 Western Digital Technologies, Inc. Viral system discovery and installation for distributed networks
CN109842508B (en) * 2017-11-27 2022-04-05 华为技术有限公司 Multi-terminal cooperative work method, terminal equipment and multi-terminal cooperative system
US10915334B2 (en) * 2018-08-21 2021-02-09 Microsoft Technology Licensing, Llc Enforcement of role-based constraints on the modification of components of a multi-user aware computing device
CN110113181B (en) * 2019-03-13 2023-08-22 中国平安人寿保险股份有限公司 Node configuration method, node configuration device, computer device, and readable storage medium
JP2021051532A (en) * 2019-09-25 2021-04-01 株式会社日立製作所 Computer system
US20220330263A1 (en) * 2019-09-26 2022-10-13 Nokia Technologies Oy Computing device comprising a pool of terminal devices and a controller
FR3103586B1 (en) * 2019-11-22 2023-04-14 St Microelectronics Alps Sas Method for managing the operation of a system on chip forming for example a microcontroller, and corresponding system on chip

Also Published As

Publication number Publication date
US20220045901A1 (en) 2022-02-10

Similar Documents

Publication Publication Date Title
US20210328814A1 (en) Blockchain integrated stations and automatic blockchain construction methods and apparatuses
US10261556B2 (en) Supporting power management on power-over-Ethernet (PoE) enabled ports
EP2973188B1 (en) Secondary device as key for authorizing access to resources
US9401915B2 (en) Secondary device as key for authorizing access to resources
US11184768B2 (en) Methods and systems for automatically connecting to a network
US20180109530A1 (en) Peer to peer enterprise file sharing
US10986095B2 (en) Systems and methods for controlling network access
US10397047B2 (en) Apparatus, system, and method for secure remote configuration of network devices
US20140096180A1 (en) System, devices, and methods for proximity-based parental controls
US11451531B2 (en) Certificate obtaining method, authentication method, and network device
US11546150B2 (en) Secure scalable link key distribution using bootsrapping
US9584508B2 (en) Peer to peer enterprise file sharing
US20220109671A1 (en) Biometrics based access controls for network features
US20160191249A1 (en) Peer to peer enterprise file sharing
US8989380B1 (en) Controlling communication of a wireless communication device
US20220109988A1 (en) Methods and systems for automatically connecting to a network
CN107040381A (en) Method and system for secure accessing Field Replaceable Unit
CN110139274A (en) A kind of method for authenticating of bluetooth equipment, electronic equipment and can storage medium
US9961074B2 (en) System and method for providing an authentication certificate for a wireless handheld device a data center environment
US10516998B2 (en) Wireless network authentication control
CN106537962B (en) Wireless network configuration, access and access method, device and equipment
CN114095354A (en) Electronic device, method for electronic device, computer-readable medium, and apparatus
US20220217151A1 (en) Electronic device, method, medium, and program for switching parental control modes
US20220278967A1 (en) Verified Anonymous Persona for a Distributed Token
US20220100843A1 (en) Client device based management of multiple devices with single user account

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination